A large number of distributed client/server computer networks are known wherein an appropriate authorisation code must be transmitted from a client to a remote server for the client to gain access, via the server, to a particular network resource.
The vast majority of authorisation codes comprise a series of alphanumeric characters, a “password”, which is entered by a user via a keyboard interface.
However, a password is inherently difficult to remember, particularly if it used seldomly over a prolonged period of time, and is easily conveyed either verbally or visually to an unscrupulous third party who might use the password to gain unauthorised access to a network resource.
Our European patent No. 0614559 discloses a personal identification device for providing controlled access to a computer system. The device comprises a store of identification codes and associated authorisation codes, access to the computer system being provided where an identification code/authorisation code combination, submitted by a user, matches a combination stored previously in a memory of the device.
The device of European patent No. 0614559 overcomes the problems associated with the use of alphanumeric passwords by using, for each authorisation code, a respective series of complex images selected from a plurality of similar complex images. Such complex images may take a number of different forms, e.g. visual images, auditory images, etc., however digitised images of human faces have been found to be particularly suitable due to the innate ability of humans to readily distinguish between faces which differ in appearance from one another in very subtle respects, but also due to the fact that such subtle differences in appearance are very difficult to convey verbally or otherwise from person to person.
An object of the present invention is therefore to incorporate, in a particularly efficient and secure manner, a personal identification system of the type disclosed in European patent No. 0614559 into a distributed client/server computer network, to thereby provide a client with controlled access, via a remote server, to a particular network resource.